<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2018/1/23
 * Time: 10:07
 */

namespace app\admin\controller;


use think\Controller;
use think\exception\HttpException;
use app\admin\library\Auth;

class AdminController extends Controller
{
    const USER = 'user';

    /**
     * 无需登录的方法,同时也就不需要鉴权了
     * @var array
     */
    protected $noNeedLogin = [];

    /**
     * 无需鉴权的方法,但需要登录
     * @var array
     */
    protected $noNeedRight = [];

    /**
     * @var Auth
     */
    protected $auth;

    /**
     * 初始化
     */
    protected function initialize()
    {
        $this->auth = Auth::instance();
        $actionName = $this->request->action();
        //不需要登录
        if(in_array($actionName,$this->noNeedLogin)){
            return;
        }

        if(in_array($actionName,$this->noNeedRight)){
            if(!$this->auth->getUser()){
                throw new HttpException(403,'您没有登录');
            }
            return;
        }
        $path = $this->request->url();
        $is_auth = $this->auth->hasAuth($path);
        if(!$is_auth){
            throw new HttpException(403,'您没有权限');
        }

    }


}